help-cfengine
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Help with file: checksum=md5


From: Michael Coffman
Subject: RE: Help with file: checksum=md5
Date: Fri, 22 Sep 2000 08:19:49 -0600 (MDT)

On Fri, 22 Sep 2000, Andrews, Martin wrote:

 > Michael,
 > 
 > You need to send ChecksumUpdates to change entries in the database. I have a
 > section like:
 > 
 > control:
 >     # Define this if you want to update the checksum database (after
 >     # updating the OS, for instance).
 > 
 >     newsum::
 >     ChecksumUpdates = ( on )

 Thanks.  Where is this documented?  I don't see it in the Reference Manul
 at http://www.iu.hioslo.no/cfengine/docs/cfengine-Reference.html
 
 This worked but I still don't think it is what I want.

 I want to have a local copy of a file that can be edited by the machines
 owner, when it is changed I want to detect this and merge the changes
 with a master file into the actual derived file.

 I don't know how to identify when the local copy, say /etc/inetd.conf.local,
 has changed if I don't have a reference file.  I thought the checksum database
 would serve this purpose, but it is not very clean since the define is not
 executed unless an action is taken.

 How are others doing this?

 > 
 > And then run "cfengine --define newsum" when I want to update the database.
 > 
 > Martin
 > 
 > > -----Original Message-----
 > > From: Michael Coffman [mailto:address@hidden
 > > Sent: Friday, September 22, 2000 2:04 PM
 > > To: address@hidden
 > > Subject: Help with file: checksum=md5
 > > 
 > > 
 > > 
 > > Okay,  Thanks to the help of Patrice Guerlais and Mark Burgess.  I was
 > > able to get cfengine compiled with BerkelyDB.  Now I have the 
 > > following 
 > > problem.  Here is the relavant portion of the config file I 
 > > am using on the
 > > client:
 > > 
 > > copy:
 > >   $(remotefiles)/motd
 > >   dest=/etc/motd
 > >   mode=0444
 > >   server=colonel
 > >   define=cp_motd
 > > 
 > > files:                    # i have to use the action=touch to 
 > > get cp_motd
 > >   $(localfiles)/motd      # defined
 > >   checksum=md5
 > >   action=touch
 > >   define=cp_motd
 > > 
 > > shellcommands:
 > >   cp_motd::
 > >     "/usr/bin/echo hello > /tmp/cfengine.out"
 > > 
 > > 
 > > The copy does what I would expect updating the file if it is 
 > > different than
 > > the servers copy.  The files section sets the define if the 
 > > checksum is
 > > different, and the shellcommand executes.
 > > 
 > > The md5 entry in the cached database of file checksums does 
 > > not update as
 > > the documentation seems to indicate that it should.  Each time I run 
 > > cfengine, I get the error:
 > > 
 > >  
 > > >---------------------------------------------------------------------
 > >  >Checking files
 > >  
 > > >---------------------------------------------------------------------
 > > 
 > >  >Checking file(s) in /var/opt/sa/config/local-files/motd
 > >  >cfengine:joker: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 > >  >cfengine:joker: SECURITY ALERT: Checksum for
 > >  >/var/opt/sa/config/local-files/motd changed!
 > >  >cfengine:joker: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 > >  >Saving the setuid log in /var/run/cfengine/cfengine.joker.log
 > > 
 > > According to the docs, 
 > > 
 > >      "Security warning messages are issued only once and the value in
 > >      the database is then changed to the
 > >     new value of the file automatically"
 > > 
 > > 
 > > Thanks for any help.
 > > 
 > > -MichaelC
 > > ------------------------------------------------------------------
 > > -- Life is lived forward but understood backward.
 > > 
 > > _______________________________________________
 > > Help-cfengine mailing list
 > > address@hidden
 > > http://mail.gnu.org/mailman/listinfo/help-cfengine
 > > 
 > 


-MichaelC
------------------------------------------------------------------
-- Life is lived forward but understood backward.



reply via email to

[Prev in Thread] Current Thread [Next in Thread]